Boson Notes

Question 1

Differences between “switchport port-security restrict/protect/shutdown”

Answer 1

restrict: Interface will remain up if more than the max # of addresses are learned, but traffic from the violating devices is dropped and log entry is generated
protect: same as restrict but no log is generated
shutdown: shuts down the port if more than max allowed MAC addresses are learned on the interface

Question 2

DIfference between alternate and backup port

Answer 2

Alternate: Will become root if root fails

Backup port: When connected to a hub

Question 3

What’s the default priority for STP?

Answer 3

32786 [0-65535]

Question 4

RSTP port types

Answer 4

P2P: switch to switch
Shared: connected to a hub (half-duplex)
Edge: connected to hosts

Question 5

spanning-tree root primary, what is default priority in this case?

Answer 5

Default priority 24576, unless there is a switch with lower priority, then deduct increment of 4096

Question 6

Four modes of VTP

Answer 6

Client, server, transparent, off

Question 7

Requirements for VTP

Answer 7

Domain Name must match, they must have a trunk

Question 8

ACL Standard and Extended numbers

Answer 8

Standard:
1-99
1300-1999

Extended:
100-199
2000-2699

Question 9

IPV4 AND IPV6. Relate them to numbered and named ACLs

Answer 9

IPv6 only named ACLs

IPv4 only numbered and named ACLs

Question 10

What is DTP?

Answer 10

DTP: dynamic desirable and dynamic auto to actively make trunks

Question 11

Steps for finding routing order

Answer 11

1. ) Router looks at prefix length (most specific)
2. ) Lowest AD
3. ) Metric

Question 12

What algorithm does OSPF have?

Answer 12

Djakstra

Question 13

How does OSPF and EIGRP differ in terms of knowing topology?

Answer 13

EIGRP relies on neighbors, OSPF has complete network vision

Question 14

Reference bandwidth for EIGRP and OSPF

Answer 14

10 Mbps for EIGRP and 100Mbps for OSPF

Question 15

PPP and HDLC differences

Answer 15

HDLC is Cisco proprietary

Question 16

What is the difference between LCP and NCP? (For PPP)

Answer 16

LCP: Takes care of setting up a link

NCP: Makes sure we can send IP and other protocols across our PPP links

Question 17

What algorithms are used for encryptions?

Answer 17

AES, DES, DES56

Question 18

What divides an AS into areas?

Answer 18

OSPF

Question 19

What is path isolation and what technologies can be used to accomplish it?

Answer 19

Ensures authenticated users can access the virtual network resources appropriate to their credentials or locations.

GRE tunnel and MPLS VPNs

Question 20

What is access control and what standard is used for it?

Answer 20

Prevents unauthorized users from accessing the virtual network at all

Question 21

What does
RouterA(config-router)#
-and-
RouterA(config-rtr)#

represent?

Answer 21

OSPFv2

-and-

OSPFv3

Question 22

How long does a DHCP server lease IP addresses to Host by default?

Answer 22

1 day

Question 23

Before a user is authenticated, what type of traffic is allowed through the switch port?

Answer 23

EAPOL (Extensible Authentication Protocol over LANs), STP, and CDP (Cisco Discovery Protocol)

Question 24

What command globally enables 802.1x on a switch?

Answer 24

dot1x system-auth-control

Question 25

What does each of the command 'dot1x port-control [force-authorized/force-unauthorized/auto]'

Answer 25

auto: enables authentication on the port, connection is between switch and host; however, if a host is configured with 802.1x authentication, the host will be authenticated force-authorized: configures the port to authorize any host that connects to the port, no 802.1x authentication process will take place force-unauthorized: configures a port to never allow authentication for a connected host

Question 26

How do you configure the OSPF Hello and Dead timers/

Answer 26

ip ospf hello-interval ip ospf dead-interval

Question 27

What does ...!! mean?

Answer 27

An ARP Resolution error

Question 28

What does U.U.U mean?

Answer 28

ICMP Destination Unreachable error

Question 29

What is FIB table?

Answer 29

Contain all prefixes from the IP routing table & structured in a way that is optimized for forwarding

Question 30

What is an adjacency table?

Answer 30

Maintains Layer 2 addressing info for the FIB

Question 31

What is an ARP table?

Answer 31

Contains Layer 3 to Layer 2 address translations

Question 32

What is a CAM table?

Answer 32

Used to find the relationship between Layer 2 address and physical port to reach a device

Question 33

What are serial interfaces most often used for?

Answer 33

To connect routes over point-to-point leased lines. Connects a service provider to another serial device at a remote location

Question 34

What does "!A" mean in traceroute command?

Answer 34

It means there is an ACL applied

Question 35

Where should "ip nat outside" and "ip nat inside" be issued?

Answer 35

"ip nat outside" should be issued on interface that is on the public side of the network "ip nat inside" should be on the private side of the network

Question 36

What does LWAPP protocol do?

Answer 36

Provides info exchange and other things between AP and a WLC (Wireless LAN controller)

Question 37

"switchport port-security violation [protect/restrict/shutdown]" Generates SNMP Trap: Generates Syslog message: Increments violation counter: Places port in error-disabled state:

Answer 37

``` Protect Generates SNMP Trap: No Generates Syslog message: No Increments violation counter: No Places port in error-disabled state: No ``` ``` Restrict Generates SNMP Trap: Yes Generates Syslog message: Yes Increments violation counter: Yes Places port in error-disabled state: No ``` ``` Shutdown Generates SNMP Trap: No Generates Syslog message: Yes Increments violation counter: Yes Places port in error-disabled state: Yes ```

Question 38

What does "switchport nonegotiate" do?

Answer 38

To disable DTP

Question 39

What does "switchport mode access" do?

Answer 39

Puts port into permanent access mode

Question 40

What does "switchport mode dynamic auto" do?

Answer 40

Configures port to become trunk, only of other end of link is configured as a trunk or set to dynamic desirable mode

Question 41

What does "switchport mode dynamic desirable" do?

Answer 41

Configures a port to actively negotiate to become a trunk port

Question 42

When does a router send an ICMP destination unreachable error?

Answer 42

- If a gateway of last resort has not been configured on a router - The remote network is not listed in the routing table on the router

Question 43

Causes of collision domain slowness

Answer 43

- Malfunctioning NIC on an end-user workstation - Duplex mismatches - Interface errors

Question 44

Causes of broadcast domain connectivity slowness (slow intra-VLAN)

Answer 44

- CPU is being overutilized - Misconfigured default gateway - Sluggish application on remote VLAN

Question 45

What devices are on the physical level?

Answer 45

Hubs and repeaters

Question 46

What does split horizon do?

Answer 46

Prevents routers from advertising a route through the same interface from which the route was learned

Question 47

Where should BPDU guards be enabled on?

Answer 47

On PortFast enable ports to prevent STP topology problems

Question 48

What does virtual network services do?

Answer 48

To provide centralized access without compromising the security of the individual groups (Policing is a component of architecture)

Question 49

What does a mismatch of MUT values do to two routers?

Answer 49

Causes a problem

Question 50

How do you find info about DR and BDR?

Answer 50

show ip ospf neighbor

Question 51

What is needed for VTP to synchronize VLAN config info between switches

Answer 51

- Switches must be connected by an ISL or 802.1q trunk link - Case-sensitive VTP domain must match - VTP version must match

Question 52

How many subinterfaces for VTP

Answer 52

Connect a subinterface to each VLAN

Question 53

IPv6 neighbor statuses

Answer 53

``` Incomplete Reachable Stale Delay Probe ```

Question 54

What must be specified for the tunnel source? (GRE tunnel)

Answer 54

Must be specified as an IP address or an interface #

Question 55

Where is the tunnel interface significant? (GRE tunnel)

Answer 55

It is locally significant

Question 56

What must exist on a local router for GRE tunnel?

Answer 56

Route to the tunnel destination must exist on local router

Question 57

What are the four steps to create a GRE tunnel?

Answer 57

1. ) Create tunnel interface 2. ) Assign IP address to tunnel interface 3. ) Specify a tunnel source interface or IP address 4. ) Specify a tunnel destination IP address

Question 58

Does RIP carry subnet mask info?

Answer 58

No it doesn't

Question 59

Difference between collision and late collision

Answer 59

Collision: interruption before 64th byte | Late collision: interruption after 64th byte

Question 60

What is a Runt, Baby Giant, Jumbo?

Answer 60

Runt: frame that is less than 64 bytes and has bad FCS Baby Giant: frame that is up to 1600 bytes Jumbo: frame that is up to 9216 bytes in length

Question 61

What will router do if it detects an IP address conflict, in relation to DHCP pool

Answer 61

Router will remove the IP address from the DHCP pool

Question 62

What switch will be elected as stack master?

Answer 62

Switch with highest priority value

Question 63

How do you enable 802.1x authentication globally and on a single interface?

Answer 63

"dot1x system-auth-control": for globally "authentication port-control": on a single interface

Question 64

What is the default data link protocol for Cisco routers?

Answer 64

HDLC

Question 65

When does a master switch election occur?

Answer 65

- A stack is reset - Anything happens to Stack Master - New switch is added to the stack

Question 66

What are routers running BGP identified as?

Answer 66

BGP speakers

Question 67

How do you find stratum of reference clock if you are NTP master? Stratum of NTP client running on router?

Answer 67

Reference clock if NTP master: show ntp associations | Stratum of NTP client: show ntp status

Question 68

What is MPLS (Multiprotocol Label Switching)?

Answer 68

Used to speed packet delivery over multiple protocols

Question 69

What is the default configuration register value?

Answer 69

0x2102

Question 70

How do you prepare a single port to accept traffic from multiple hosts?

Answer 70

First issue "authentication port-control auto" | Then, "authentication host-mode multi-host"

Question 71

exec-timeout 3 login delay 5 What does 3 and 5 mean in this case?

Answer 71

- It will configure the login inactivity timer on a router to three minutes - Minimum amount of time required between login attempts. 5 seconds in this case

Question 72

What counts as a topology change for STP and RSTP? | What does STP detect as a topology change that RSTP doesn't?

Answer 72

- A non-edge port moves to forwarding state - A new root bridge is manually configured in topology - When a switch in topology is powered off However, only STP detects a port moving to blocking state as a topology change

Question 73

What is a GARP? (Gratuitous ARP)

Answer 73

Commonly used to test for IP address conflicts or to prepopulate the ARP tables of adjacent network hosts

Question 74

What is a RARP? (Reverse Address Resolution Protocol)

Answer 74

Used to translate hardware interface addresses to protocol addresses

Question 75

How are active routers and standby routers determined?

Answer 75

Highest standby priority would be active router. If tied, higher IP address is used. 2nd highest is standby router

Question 76

What are loop guards and with what should it not be used in conjunction?

Answer 76

Place inconsistent ports in blocking state. Should not be used in conjunction with PortFast or root guard

Question 77

What are the first 24 bits of a 48-bit multicast MAC address?

Answer 77

0100.5E

Question 78

What is the delay value of FastEthernet interfaces?

Answer 78

10

Question 79

What do Native VLANs allow in relation to remote switches and 802.1q trunk links?

Answer 79

It allows traffic to be sent to remote switches over an 802.1q trunk link untagged

Question 80

How do you configure a logical interface?

Answer 80

interface dialer 1 ip address negotiated encapsulation ppp pppoe-client dial-pool-number 1

Question 81

Will HDLC work with different routers from various vendors?

Answer 81

No

Question 82

Explain a hub-and-spoke technology

Answer 82

Every devices or site is directly connected by a single interface to a central device or site

Question 83

Where does Cisco recommend traffic to be classified and marked?

Answer 83

As close to the network edge as possible

Question 84

After a host receives a DHPACK packet, how long will a host wait before it attempts to renew?

Answer 84

12 hours

Question 85

By how much does Spanning Tree Root Bridge priorities go up by? What's the third-lowest priority?

Answer 85

They go up by 4096. | Third lowest priority would be 8192

Question 86

What is HMAC?

Answer 86

Mechanism that uses a hash function to verify the integrity of data transmitted over a VPN

Question 87

What is Diffie-Hellman (DH)?

Answer 87

Secure method of exchanging public encryption keys over public network

Question 88

Are link-local unicast addresses routable?

Answer 88

No